Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
File: xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft (raw, json)
Hash identifier: dxepx7ZHNM7kLu0i/1FPLwa6ENkq+BkUMKbMZR1wpjk=
Subject key identifier: AF:87:38:6D:6E:76:03:49:72:67:AB:91:FA:DD:6A:E4:82:A1:58:2B
Authority key identifier: C6:C6:65:3E:87:BB:2E:F9:AD:BB:06:19:60:E2:05:00:A5:54:F0:35
Certificate issuer: /CN=c6c6653e87bb2ef9adbb061960e20500a554f035
Certificate serial: 019A72934B3E1CF40A89BA202A5BC9C17EAC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
Manifest number: 06EA
Signing time: Tue 11 Nov 2025 11:00:46 +0000
Manifest this update: Tue 11 Nov 2025 11:00:46 +0000
Manifest next update: Wed 12 Nov 2025 11:00:46 +0000
Files and hashes: 1: CL-hnZLAW32dB0McMUvKXumHbjc.roa (hash: /6abOSVtqiSm907QP0eqatEoUJFnqFDpeoJMvvSk4WA=)
2: xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl (hash: 27VmrCZ2GLlXK2UOHaIw4x4AkVSyMvr/ET5hQyV4VNQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:4b:3e:1c:f4:0a:89:ba:20:2a:5b:c9:c1:7e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c6653e87bb2ef9adbb061960e20500a554f035
Validity
Not Before: Nov 11 11:00:46 2025 GMT
Not After : Nov 12 11:00:46 2025 GMT
Subject: CN=af87386d6e7603497267ab91fadd6ae482a1582b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a6:0b:7f:8a:31:f3:22:eb:71:a2:5a:9e:ef:
b6:3c:58:6f:85:ae:07:96:45:97:55:d3:3b:10:3a:
3b:b9:9e:63:71:73:c4:54:da:a6:22:fa:ed:5a:c8:
70:cc:ad:d5:1b:b8:d1:69:c3:ce:45:19:a8:76:9b:
c2:80:1c:f3:67:a6:25:af:d4:47:46:f5:a8:d1:67:
0e:b1:71:89:e1:b4:9b:00:63:9e:52:f2:67:46:de:
1e:e5:2c:a4:b2:14:64:f3:8e:ff:6a:2b:f7:54:27:
f0:58:d0:d1:7e:46:f9:80:c9:ff:d8:e9:f5:58:d8:
a1:95:dc:90:16:93:f0:83:2c:63:01:03:57:d5:bf:
e8:8b:f8:b3:83:40:52:a4:69:be:cf:86:44:a2:d2:
db:f1:0f:0e:ff:ee:c1:ec:66:e2:59:13:07:1a:bc:
a9:b1:91:2b:e1:af:fa:2b:a9:59:e7:87:e0:a1:e2:
db:06:da:96:a9:75:4c:39:74:eb:35:aa:0d:91:2a:
91:f4:e4:f8:93:65:c0:0f:a0:d6:29:fe:08:b0:36:
57:24:7b:9c:1f:1d:d5:07:59:6e:74:55:8a:f4:9c:
20:f0:c1:98:fa:34:47:67:90:82:75:b0:90:c7:54:
8e:0e:aa:47:b2:df:26:5c:f3:12:5e:a2:34:ff:be:
a1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:87:38:6D:6E:76:03:49:72:67:AB:91:FA:DD:6A:E4:82:A1:58:2B
X509v3 Authority Key Identifier:
keyid:C6:C6:65:3E:87:BB:2E:F9:AD:BB:06:19:60:E2:05:00:A5:54:F0:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:52:95:9d:6e:73:0b:42:07:6c:1a:1a:d2:fb:6c:ca:c5:12:
ea:f8:e2:a7:72:ec:cc:42:3e:27:ec:be:bb:32:e7:2e:fb:72:
85:44:7d:d8:82:ee:fd:f7:81:f0:98:15:67:1c:50:c9:eb:c1:
7c:36:ab:04:b7:28:46:cd:5c:7e:24:08:82:a4:a2:91:19:5e:
e1:4f:77:9e:61:cf:7d:61:af:97:4a:52:ff:57:a1:14:35:01:
d2:f1:9d:0c:5a:df:cb:9a:26:0b:c8:b2:ab:24:1e:eb:e6:48:
d7:c9:4b:0b:f2:da:3a:ac:ad:ab:e1:cf:2d:fc:78:65:18:60:
21:e7:da:e1:bb:01:f0:75:12:5f:4a:f6:8c:46:11:de:30:1c:
25:7f:69:46:be:14:9b:6d:2e:cc:4f:dd:72:64:88:0a:4d:36:
cf:24:11:a8:3d:7b:a5:d7:54:d1:cc:9e:55:c4:e9:c8:74:bf:
0f:6f:50:52:66:1a:9c:d3:b6:18:b6:a2:80:ca:44:67:0b:e2:
a4:11:57:4b:4e:71:33:c9:1a:8f:02:d1:d7:ba:9d:29:90:ee:
71:6c:26:ca:c7:d6:4a:47:ba:24:61:ca:77:17:3d:61:d3:93:
80:26:a2:fb:cb:e6:9c:c2:85:a1:e1:74:e2:ab:f9:7b:46:e2:
de:e0:33:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk0s+HPQKibogKlvJwX6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzY2NTNlODdiYjJlZjlhZGJiMDYxOTYwZTIwNTAwYTU1
NGYwMzUwHhcNMjUxMTExMTEwMDQ2WhcNMjUxMTEyMTEwMDQ2WjAzMTEwLwYDVQQD
EyhhZjg3Mzg2ZDZlNzYwMzQ5NzI2N2FiOTFmYWRkNmFlNDgyYTE1ODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6YLf4ox8yLrcaJanu+2PFhvha4H
lkWXVdM7EDo7uZ5jcXPEVNqmIvrtWshwzK3VG7jRacPORRmodpvCgBzzZ6Ylr9RH
RvWo0WcOsXGJ4bSbAGOeUvJnRt4e5SykshRk847/aiv3VCfwWNDRfkb5gMn/2On1
WNihldyQFpPwgyxjAQNX1b/oi/izg0BSpGm+z4ZEotLb8Q8O/+7B7GbiWRMHGryp
sZEr4a/6K6lZ54fgoeLbBtqWqXVMOXTrNaoNkSqR9OT4k2XAD6DWKf4IsDZXJHuc
Hx3VB1ludFWK9Jwg8MGY+jRHZ5CCdbCQx1SODqpHst8mXPMSXqI0/76hbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+HOG1udgNJcmerkfrdauSCoVgrMB8GA1UdIwQY
MBaAFMbGZT6Huy75rbsGGWDiBQClVPA1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85NjFhNzItNzBmZC00NTBmLTlmZTkt
M2JiYTM2MjgzMjRiLzEveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85NjFhNzItNzBmZC00NTBmLTlmZTktM2JiYTM2MjgzMjRi
LzEveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADlKVnW5z
C0IHbBoa0vtsysUS6vjip3LszEI+J+y+uzLnLvtyhUR92ILu/feB8JgVZxxQyevB
fDarBLcoRs1cfiQIgqSikRle4U93nmHPfWGvl0pS/1ehFDUB0vGdDFrfy5omC8iy
qyQe6+ZI18lLC/LaOqytq+HPLfx4ZRhgIefa4bsB8HUSX0r2jEYR3jAcJX9pRr4U
m20uzE/dcmSICk02zyQRqD17pddU0cyeVcTpyHS/D29QUmYanNO2GLaigMpEZwvi
pBFXS05xM8kajwLR17qdKZDucWwmysfWSke6JGHKdxc9YdOTgCai+8vmnMKFoeF0
4qv5e0bi3uAzaw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:32 2025 by rpki-client